Inspect and maintain your log files on a regular schedule. Use these methods to secure log files:
Enable logging and send system logs to a dedicated secure log host.
Configure logging to include accurate time information, using Network Time Protocol (NTP) and timestamps.
Perform regularly scheduled scans of network device logs for unusual network activity or access.
Review logs for possible incidents and archive them in accordance with a security policy.
Periodically retire log files when they exceed a reasonable size. Maintain copies of the retired files for possible future reference or statistical analysis.